Re: Threat detection enhancement algorithms
Only until they design a computer that can tell the difference between data and executable code and doesn't execute code downloaded through a browsing session.
You can do that at the moment through Group Policy; the out-of-the-box settings for Windows are pure insanity from a security point of view. Simply set a software restriction policy blocking any executable file from running outside of %ProgramFiles% or %AuthorisedNetworkShare%, and about 90% of threats vanish immediately.
You can trim down another ~9.9% of threats by doing some additional hardening: download the GPO add-ins for Flash etc., configure those not to allow Flash files to upload information, download information or access the file system, and force it to always run in protected mode. Then get the Office GPOs, and set each application to refuse to run unsigned macros, disable file downloads and scripting, etc.
A decently paranoid job with GPOs can make it virtually impossible to run trojans either accidentally or deliberately, essentially reducing your attack surface to local exploits launched against you by machines on the network that you don't control. And you can actually control that threat by locking down what's on your network to MAC addresses.
Which just leaves the 0.1% of attacks that might come out of the blue from somewhere you don't expect. But you can deal with most predictable attack methods with tools that are provided out of the box on a standard installation, free of charge.
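As an added example that is not part of the post above, here is a PowerShell script that writes the registry values a Software Restriction Policy GPO sets (the Safer\CodeIdentifiers policy key), so the "Disallowed by default, allow %ProgramFiles% and an authorised share" rule set can be trialled on a single test machine before being built in the Group Policy editor. Assumptions of mine, not the post's: `\\fileserver\authorised` stands in for %AuthorisedNetworkShare%, the Office policy key version is 16.0, and the ExecutableTypes list is extended beyond the Windows default to cover script hosts. Two practitioner caveats the post does not mention: %SystemRoot% must stay allowed or Windows cannot start its own processes, and user-writable folders under %SystemRoot% (Temp, Tasks, tracing) then need explicit deny rules, which work because a more specific path rule takes precedence over a less specific one. Run it elevated on a throwaway VM first; with PolicyScope 0 it restricts administrators too, and if you lock yourself out the fix is to delete the CodeIdentifiers key from Safe Mode.

```powershell
# Added example (not from the original post): local-registry equivalent of an
# SRP GPO. Share path and Office version below are placeholders / assumptions.
#Requires -RunAsAdministrator

$SaferRoot    = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$Disallowed   = 0        # SAFER_LEVELID_DISALLOWED
$Unrestricted = 0x40000  # SAFER_LEVELID_FULLYTRUSTED (262144 decimal)

function Set-SaferDefaults {
    # Default level Disallowed: anything not matched by an Unrestricted rule is blocked.
    New-Item -Path $SaferRoot -Force | Out-Null
    $values = @{
        DefaultLevel        = $Disallowed
        TransparentEnabled  = 1   # enforce for all software except DLLs (2 would include DLLs)
        PolicyScope         = 0   # 0 = all users, including local administrators
        AuthenticodeEnabled = 0
    }
    foreach ($name in $values.Keys) {
        New-ItemProperty -Path $SaferRoot -Name $name -PropertyType DWord -Value $values[$name] -Force | Out-Null
    }
    # Windows' default designated file types, plus script-host extensions (my addition).
    $types = @('ADE','ADP','BAS','BAT','CHM','CMD','COM','CPL','CRT','EXE','HLP','HTA','INF','INS',
               'ISP','LNK','MDB','MDE','MSC','MSI','MSP','MST','OCX','PCD','PIF','REG','SCR','SHS',
               'URL','VB','WSC','JS','JSE','VBS','VBE','WSF','WSH','PS1')
    New-ItemProperty -Path $SaferRoot -Name ExecutableTypes -PropertyType MultiString -Value $types -Force | Out-Null
}

function New-SaferPathRule {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][int]$Level,
        [string]$Description = ''
    )
    # Each rule is a GUID-named subkey under <level>\Paths. ItemData is REG_EXPAND_SZ,
    # so %ProgramFiles% and friends are expanded by the Safer layer at check time.
    $guid = '{' + [guid]::NewGuid().ToString().ToUpper() + '}'
    $key  = "$SaferRoot\$Level\Paths\$guid"
    New-Item -Path $key -Force | Out-Null
    New-ItemProperty -Path $key -Name ItemData     -PropertyType ExpandString -Value $Path        -Force | Out-Null
    New-ItemProperty -Path $key -Name SaferFlags   -PropertyType DWord        -Value 0            -Force | Out-Null
    New-ItemProperty -Path $key -Name Description  -PropertyType String       -Value $Description -Force | Out-Null
    New-ItemProperty -Path $key -Name LastModified -PropertyType QWord        -Value ([DateTime]::UtcNow.ToFileTimeUtc()) -Force | Out-Null
    return $key
}

function Get-SaferPathRules {
    # List every path rule with its level, to verify the result after the script runs.
    foreach ($level in $Disallowed, $Unrestricted) {
        $paths = "$SaferRoot\$level\Paths"
        if (Test-Path $paths) {
            Get-ChildItem $paths | ForEach-Object {
                [pscustomobject]@{
                    Level = if ($level -eq $Disallowed) { 'Disallowed' } else { 'Unrestricted' }
                    Path  = (Get-ItemProperty $_.PSPath).ItemData
                }
            }
        }
    }
}

function Set-OfficeMacroPolicy {
    # VBAWarnings 3 = disable all macros except digitally signed ones, i.e. the
    # post's "refuse to run unsigned macros". 16.0 = Office 2016/2019/365 (assumption).
    foreach ($app in 'Word', 'Excel', 'PowerPoint') {
        $key = "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security"
        New-Item -Path $key -Force | Out-Null
        New-ItemProperty -Path $key -Name VBAWarnings -PropertyType DWord -Value 3 -Force | Out-Null
    }
}

Set-SaferDefaults

# Allow rules: the post's %ProgramFiles% and authorised share, plus %SystemRoot%,
# without which Windows cannot launch its own binaries. Share path is a placeholder.
foreach ($p in '%ProgramFiles%', '%ProgramFiles(x86)%', '%SystemRoot%', '\\fileserver\authorised') {
    New-SaferPathRule -Path $p -Level $Unrestricted -Description 'Allowed install location' | Out-Null
}

# A more specific path rule beats a less specific one, so deny the user-writable
# folders under %SystemRoot% that would otherwise inherit its allow rule.
foreach ($p in '%SystemRoot%\Temp', '%SystemRoot%\Tasks', '%SystemRoot%\tracing') {
    New-SaferPathRule -Path $p -Level $Disallowed -Description 'User-writable folder inside SystemRoot' | Out-Null
}

Set-OfficeMacroPolicy
Get-SaferPathRules | Format-Table -AutoSize
```

New processes pick the policy up after a logoff/logon (or `gpupdate /force` once the same settings live in a domain GPO). To see what is being blocked, set a REG_SZ `LogFileName` value under the CodeIdentifiers key to a writable log path; Safer then records each allow/deny decision there, which is the quickest way to find a legitimate application installed somewhere outside the allowed paths before users do.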